1. Field of the Invention
The present invention relates to computer systems. More particularly, the present invention relates to a system and method of verifying the authenticity of dynamically connectable executable images.
2. Description of the Related Technology
New object models now provide for the dynamic integration of software applications at run time. For example, Windows, an operating system licensed by Microsoft Inc., allows for the dynamic integration of a software application with a dynamic link library during the execution of the software application. Upon a user request for the execution of the software application, a program loader copies a xe2x80x9cdisk imagexe2x80x9d of the application from disk storage to main memory to create a xe2x80x9cprocess image.xe2x80x9d The disk image refers to the executable image before it is loaded, whereas the process image refers to the executable image after it is loaded in memory. Both the disk image and the process image typically include a fix-up section that identifies which portions of the software need to be fixed-up to reference the dynamic link library at run time.
Significantly, after loading, the process image is different then the disk image. As such, a checksum that had been prepared with respect to the disk image would no longer match the checksum of the process image, even if the process image had not been improperly tampered with.
Therefore, there is a need for a system that can verify the identity of a software application in a dynamic loading environment. In particular, the system should be able to determine whether a software application that has been dynamically connected to another data object has been tampered with subsequent to the execution of the software application.
One embodiment of the invention includes a system for determining the authenticity of an executable image, the system comprising an executable image having one or more pointers, and a validator capable of generating at a first point in time a reference digital signature based upon a selected content of the executable image excluding each of the pointers, wherein the validator generates an authenticity digital signature at a second point in time based upon the selected content of the executable image excluding each of the pointers, and wherein the validator determines whether the reference digital signature matches the authenticity digital signature.
Another embodiment of the invention includes a system for determining the authenticity of an executable image, the system comprising an executable image having one or more pointers and wherein the executable image includes information specifying whether each of the pointers reference locations that are within the executable image, and a validator capable of determining whether each of pointers references a respective location that is within the executable image.
Yet another embodiment of the invention includes a system for determining the authenticity of an executable image, the system comprising a first executable image, a second executable image that includes a pointer that references a location within the first executable image, and a validator capable of determining whether the pointer references a location within the first executable image.
Yet another embodiment of the invention includes a system capable of determining the authenticity of an executable image, the system comprising: a first executable image, a second executable image, comprising an import table including the identifier of the first executable image and one or more external pointers, each of the external pointers referencing a location within the first executable image, and a code section containing machine code and one or more import pointers, each of the import pointers referencing a location within the import table, and a validator capable of generating at a first point in time a reference digital signature based upon a selected content of the executable image, the selected contents excluding each of the import pointers and the external pointers, wherein the validator generates an authenticity digital signature at a second point in time based upon the selected content of the executable image excluding each of the one or more pointers, wherein the validator determines whether the reference digital signature matches the authenticity digital signature, wherein the validator determines whether each of the import pointers reference a location within the first executable image, and wherein the validator determines whether the import pointer references a location within the first executable image.